f7cc39d5b0a794a941a2b6035961248e_JaffaCakes118

General

Target

f7cc39d5b0a794a941a2b6035961248e_JaffaCakes118
Size

59KB
MD5

f7cc39d5b0a794a941a2b6035961248e
SHA1

2142a1e958408e5a63316e01240eff5847e7adf2
SHA256

20cd4c0213c01fbeb0412ffa10373025c0904f819d265808d933a7c79c0b2a01
SHA512

52278dc0e0a648110e84fb4cefacd387d6972301967eff28f1245432ed53c1a2d7c3be0a91cb10a229a383a994d50b3a5a79814e6659262932b446f5e50e5f3e
SSDEEP

768:4k8rrAu7jKrfHdWhQyxMJ0p6CjKDgwfNJ1IaHbPe:4VWrPdWTCJnc6nKa7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7cc39d5b0a794a941a2b6035961248e_JaffaCakes118

Files

f7cc39d5b0a794a941a2b6035961248e_JaffaCakes118
.exe .vbs windows:1 windows x86 arch:x86 polyglot

7041f07710d7b8d557933d980041e35f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
MessageBoxA

kernel32

CloseHandle
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FlushFileBuffers
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ResumeThread
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WriteFile

ws2_32

shutdown
sendto
setsockopt
socket
htons
inet_addr

winhttp

WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts

Sections

AUTO
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7041f07710d7b8d557933d980041e35f

Headers

File Characteristics

Imports

user32

kernel32

ws2_32

winhttp

Sections

AUTO Size: 29KB - Virtual size: 29KB

.idata Size: 2KB - Virtual size: 1KB

DGROUP Size: 24KB - Virtual size: 28KB

.reloc Size: 2KB - Virtual size:

AUTO
Size: 29KB - Virtual size: 29KB

.idata
Size: 2KB - Virtual size: 1KB

DGROUP
Size: 24KB - Virtual size: 28KB

.reloc
Size: 2KB - Virtual size: